Wireless guru & Ethical Hacker Network columnist, Dan Hoffman, shares his secrets on what it's like being a professional "ethical hacker" in a video interview with NetworkWorld. See the story titled, Good Will Hacking:

Nice interview, but it bothered me when he stated that the “underground has at lot more knowledge than the typical ethical hacker.” He states that they are the ones creating a lot of the exploits and the best we can do is garner that and try to replicate that knowledge. That statement makes the EH look weak and is not reality based. I disagree totally with that statement and if you really know the underground, which most ethical hackers don’t, you would see how false a statement that is. Most of the better exploits have been developed by people doing serious exploit research and then they are ripped off by the underground at a later time. Yes I know there are some exploits that the so called black hats have developed and I am the first to take my “white hat” off to them, but let’s keep it real. Look at the Cisco router hack that was revealed at Defcon. That was not from the underground and that was the hack of the century. I can relate many more from those working on the secure side of things. The problem is, the ethical hacker community is a very new thing and not connected. Thats why I support this board! There are some extremely high level people in this community and have skills that go way beyond anything in the so called black hat community. CISSP’s are not supposed to have a relationship with known hackers and I think that’s a weak part of their code of ethics. That is the main reason I havent taken that cert. If you know the dark side then you don’t make it more romantic than what it really is. I have seen it and 90% is lame. If the industry sees us as just trying to “keep up” why would they respect us?

Last edited by Kev on Sun Dec 17, 2006 2:53 pm, edited 1 time in total.

There are several talented black hats in the underground that have created sophisticated exploits, but they just keep them quiet. These exploits are then later developed by security professional and get all the credit. Just think of all the vulnerabilities that have been discovered in the past (thanks to 0-day exploit) that were unknown to the security community. And then think of all the vulnerabilities and exploits that exist, which are yet to be discovered, but are out there in the wild, shared among the black hats or secretly kept by the owner.

Thanks for the comment and I agree with your post, but I still feel the skill level is higher on the “ethical” side of things. The statement was made that the underground is more advanced than the typical ethical hacker. I guess you can interpret that many was I suppose. But I would say as far as hacking goes, in my opinion its completely opposite. The average black hat is a teenage script kiddie while most ethical hackers are seasoned admin trying to protect their networks.

Last edited by Kev on Sun Dec 17, 2006 2:55 pm, edited 1 time in total.

My comment about the underground had nothing to do with Black Hat vs. White Hat. The point I was trying to get across was that the people who discover the vulnerabilities and write tools to run the applicable exploits have more knowledge than those that simply learn how to run the tools. These engineers are not necessarily part of the CISSP, CEH, etc. cert process. Metasploit is a good example. Ethical Hackers are taught how to launch exploits with that tool, but that doesn't require as much knowledge as discovering the vulnerability in the first place and creating the tool to take advantage of it. The typical Corporate Security guy isn't discovering new vulnerabilities and writing his own exploits. He is garnering the knowledge of others and applying that knowledge. That was my point.

I agree with that, but Kev's point has validity. The area of vulnerability/exploit research has grown exponentially in the last few years. These researchers are not the typically corporate security guy focused more on ops, they are a mix of highly educated engineers and talented software guys and I think they are on average more talented then the bulk of blackhats. There are likely a handful of elite blackhats that are making millions on selling private exclusive remote 0-days and they are the best because they aren't as tied to a 40hr work week mentality and will stay up several days straight testing code and often have more financial motivation then whitehats to succeed. Another factor to consider is the whitehat talent within the NSA and other gov agencies, which tilts the elite talent pool even more towards the whitehat side. With all this considered I think more ground breaking exploit may be done by a smaller elite community of blackhats, but IMO there is more talent as a whole on the whitehat side of things. Now the impact of that, is entirely subjective, because all it takes is for one guy to be able to defeat your security and your hosed.

Again, my statement has nothing to do with White Hat vs. Black Hat. It has to do with those developing the tools and discovering the exploits vs. those who simply know how to run the exploits via the tools provided. I don't see a disagreement between my statement, Kev's and anybody elses. We are talking about two different classifications of people. Kev is talking about Black Hat vs. White Hat, I'm talking about those who discover exploits and create tools vs. someone who simply knows how to use a previously developed tool with an exploit created and discovered by someone else. In my opinion, the creator of Metasploit would have more technical knowledge than a person who simply knows how to run Metasploit commands. Would you guys disagree with that?

Thank you for taking the time to post your thoughts. We are probably just arguing over semantics, which happens a lot when terms like hacker, etc. are used. If by what you term as the underground is specifically those that are finding ways to exploit and crack systems and if by ethical hacker you are using the Ec-council standard. Well, I would have to agree with your statement completely. Of course writing exploits and tools requires more skill than to use them, although I have seen some brilliant things done with tools in the hands of extremely talented and seasoned professionals. In those few instances I might say it took less skill to make the paint brush than for the artist Rembrandt to paint his masterpiece. Ok, that might be a bit of an exaggeration, but those of you that have seen some really clever people at work know what I mean.

My interpretation of the term underground is all inclusive and I include the term “black hat.” I include those that are writing exploits so they can crack systems to the small underground hacking groups that might consists of teenage script kiddies. I see the Ethical Hacker as an all inclusive term also and I go way beyond the narrow confines of what the EC-Council certifies. Everyone that is involved in discovering exploits to pentesting in order to secure networks from malicious attacks is a “white hat” or ethical hacker. I see hacking as “thinking outside the box” whether for good or bad. I like this more inclusive approach because its puts everyone working in security on the same team so to speak. Also, if you view it this way, this Ethical community is very formidable. I believe it’s important for the business world to not take the underground for granted, but also believe they can feel reasonably secure if they place their networks in the hands of high level security professionals.